IBM WebSphere MQ rriAcceptOAMUserAuth Heap Overflow Vulnerability

Product: WebSphere MQ
Severity: High
CVE Reference: CVE-2009-0896
Type: IBM WebSphere MQ rriAcceptOAMUserAuth Heap Overflow Vulnerability

In June, MWR InfoSecurity reported a remote buffer overflow in IBM WebSphere MQ. Because of the nature of the vulnerability, full details were withheld at that time. IBM have since released a patch, so the full details of the vulnerability can now be published:

The WebSphere MQ service transfers messages between systems and applications. Incoming packets are not correctly validated, which leads to a heap overflow in the packet handling routines. The flaw is associated with the memory allocation code and allows data on the heap to be overwritten. It could be exploited remotely by an unauthenticated attacker in order to execute arbitrary code.
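As an added illustration of the bug class described above (example code, not from the advisory, MWR or IBM), the following C shows a packet handler that trusts a declared length when copying into a heap record, beside a hardened form that bounds that length by both the bytes actually received and the destination capacity. The record layout, function names and 64-byte limit are constructed assumptions, not WebSphere MQ's wire format or code.

```c
/* Added illustration: a length field read from a packet is trusted when the
 * payload is copied into a heap record. Layout, names and the 64-byte limit
 * are constructed for this example; they are not WebSphere MQ's format or code. */
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define MAX_USER_LEN 64   /* hypothetical capacity of the heap record */
enum rec_status { REC_OK = 0, REC_TRUNCATED = 1, REC_TOO_LONG = 2, REC_NOMEM = 3 };

static uint32_t read_be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Defect pattern: the declared length sizes the copy but neither the allocation
 * nor the received bytes are checked, so declared > MAX_USER_LEN writes past the
 * heap block. Kept for comparison only; nothing in this file calls it. */
char *copy_user_unchecked(const uint8_t *pkt) {
    uint32_t declared = read_be32(pkt);
    char *user = malloc(MAX_USER_LEN + 1);    /* fixed-size heap record */
    if (!user) return NULL;
    memcpy(user, pkt + 4, declared);          /* heap overflow if declared > MAX_USER_LEN */
    user[declared] = '\0';
    return user;
}

/* Hardened form: the declared length is bounded by the destination capacity
 * (limits the write) and by the bytes received (limits the read) before any copy. */
enum rec_status copy_user_checked(const uint8_t *pkt, size_t pkt_len, char **out) {
    *out = NULL;
    if (pkt_len < 4) return REC_TRUNCATED;
    uint32_t declared = read_be32(pkt);
    if (declared > MAX_USER_LEN) return REC_TOO_LONG;
    if (declared > pkt_len - 4) return REC_TRUNCATED;
    char *user = malloc((size_t)declared + 1);
    if (!user) return REC_NOMEM;
    memcpy(user, pkt + 4, declared);
    user[declared] = '\0';
    *out = user;
    return REC_OK;
}

/* Constructed samples: well-formed; header claims more than received; header far exceeds capacity. */
const uint8_t PKT_GOOD[]      = {0, 0, 0, 5, 'a', 'l', 'i', 'c', 'e'};
const uint8_t PKT_TRUNCATED[] = {0, 0, 0, 5, 'a', 'l'};
const uint8_t PKT_HUGE[]      = {0xff, 0xff, 0xff, 0xff};

int status_for(const uint8_t *pkt, size_t pkt_len) {   /* hardened parser status; result freed */
    char *user = NULL;
    int rc = copy_user_checked(pkt, pkt_len, &user);
    free(user);
    return rc;
}
```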

The full advisory can be obtained via the download link above.